 <?php
//读取产品类别
function getcategory($pid=0){
    global $db;
    $sql="select * from category where pid=".$pid;
    $rs=$db->getData($sql);
    //print_r($rs);  //打印
    return $rs;   //返回
}

//获取新闻type类型
function getnewstype($type){
    switch($type){
        case 0:
        return "公告";
        break;
        case 1:
        return "特惠";
        break;
        default:
        return "ERROR";
        
    }
    
}
//获取网站基本信息
function getwebinfo(){
    global $db;
    $sql="select * from webinfo";
    return $db->getData($sql,true);
}

//获取用户信息
function getmember($id,$field){
    global $db;
    $sql="select ".$field." from member where id=".$id;
    $rs=$db->getData($sql,true);
    if($rs[$field]){
        return $rs[$field];
    }else{
        return "null.jpg";
    }
    
}
//查询规格名称
function getspec($sid){
    global $db;
    $sql="select name from goodsspec where id=".$sid;
    $rs=$db->getData($sql,true);
    return $rs["name"];
}

//获取用户id
function getmid($u){
    global $db;
    $sql="select id from member where username='".$u."' or tel='".$u."' or email='".$u."'";
    $rs=$db->getData($sql,true);
    return $rs["id"];
}
//获取商家id
function getbid($u){
    global $db;
    $sql="select id from business where username='".$u."'";
    $rs=$db->getData($sql,true);
    return $rs["id"];
}

function getsh($id){
    switch($id){
        case 0:
            return"<span style='color:red'>未审核</span>";
            break;
        case 1:
            return"<span style='color:green'>已审核</span>";
            break;
        default:
            return "";
            
    }
}

//查询类别名称
function getlb($cid){
    global $db;
    $sql="select name from category where id=".$cid;
    $rs=$db->getData($sql,true);
    return $rs["name"];
}
function decodeUnicode($str)
{
    return preg_replace_callback('/\\\\u([0-9a-f]{4})/i',
        create_function(
            '$matches',
            'return mb_convert_encoding(pack("H*", $matches[1]), "UTF-8", "UCS-2BE");'
        ),
        $str);
}
//添加日志方法
function addlog($name,$content){
    global $db;
   $sql="insert into syslog values(null,'".$_SESSION["business_username"]."','".$name."','".filterchars($content)."',".time().")";
   $sql="insert into syslog values(null,'".$_SESSION["business_username"]."','".$name."','".filterchars($content)."',".time().")";
   $db->execSql($sql);
}


//过滤特殊字符方法
function filterchars($str){
    $str = str_replace("and","&#97;nd",$str);
    $str = str_replace("execute","&#101;xecute",$str);
    $str = str_replace("update","&#117;pdate",$str);
    $str = str_replace("count","&#99;ount",$str);
    $str = str_replace("chr","&#99;hr",$str);
    $str = str_replace("mid","&#109;id",$str);
    $str = str_replace("master","&#109;aster",$str);
    $str = str_replace("truncate","&#116;runcate",$str);
    $str = str_replace("char","&#99;har",$str);
    $str = str_replace("declare","&#100;eclare",$str);
    $str = str_replace("select","&#115;elect",$str);
    $str = str_replace("create","&#99;reate",$str);
    $str = str_replace("delete","&#100;elete",$str);
    $str = str_replace("insert","&#105;nsert",$str);
    $str = str_replace("'","&#39;",$str);
    $str = str_replace("\"","&#34;",$str);
    return $str;
}


function getrole($id){
    if($id==0){
        return "管理员";
    }
    global $db;
    $sql="select name from role where id=".$id;
    $rs=$db->getData($sql,true);
    return $rs["name"];
}
//判断该用户是否有该页面的访问权限
function ckaccess($file){
    global $db;
    $xg=strrpos($file,"\\");
    $dian=strrpos($file,".");
    $page=substr($file, $xg+1,$dian-$xg-1);

    $sql="select pid,roleid from business where username='".$_SESSION["business_username"]."'";
    $rs=$db->getData($sql,true);
    if($rs["pid"]!=0){
        //$rs["roleid"] 角色ID  $rs["pid"]商家id  $page访问名字
        $sql="select count(-1) as c from access where roleid=".$rs["roleid"]." and bid=".$rs["pid"]." and page='".$page."'";
        $rs=$db->getData($sql,TRUE);
        if($rs["c"]<=0){
            exit("对不起，您没有本页面的访问权限");
        }

    }
}